EDRI - Airline Passenger Data

German Protests in over 30 cities against surveillance

Wed, 02 Jul 2008 20:57:55 +0100

(Dieser Artikel ist auch in deutscher Sprache verfügbar)

On 31 May 2008, privacy activists organized new rallies in more than 30 cities across Germany.

Following the November 2007 protests under the motto "Freedom not Fear"("Freiheit statt Angst"), thousands of citizens participated in this year street actions.

Numerous demonstrations, rallies, information events, as well as workshops and art performances sent clear signals to protect constitutional rights and limit the rampant proliferation of surveillance.

The rallies had the goal of demonstrating to the ruling grand coalition, a decisive NO of citizens to the blanket collection and storage of data, as well as to the surveillance of all details of daily life. The activities were

The US-EU agreement on personal data exchange by law enforcement

Wed, 02 Jul 2008 20:52:56 +0100

(Dieser Artikel ist auch in deutscher Sprache verfügbar)

As stated by the New York Times on 26 June 2008, the United States and the European Union are close to conclude an agreement allowing the exchange of personal data of their citizens, including credit card information, travel history and Internet browsing information in order to be shared with the law enforcement and security agencies.

According to an internal report revealed by the newspaper, the potential agreement that has been negotiated since February 2007 between the US Department of Homeland Security (DHS), the Justice and State departments and their European counterparts will make clear that it is lawful for European governments and companies to transfer personal information to the United

Eurobarometers on data protection in EU

Wed, 23 Apr 2008 18:24:28 +0100

(Dieser Artikel ist auch in deutscher Sprache verfügbar)

--- Version corrected on 24.04.2008---

According to a couple of Eurobarometer surveys on data protection, issued by the European Commission on 17 April 2008, EU citizens have little faith in the security of data transmission on the Internet.

Two surveys were conducted by Gallup in January 2008, investigating the perceptions on data protection among EU citizens and data controllers respectively. The surveys involved about 27000 EU citizens and 5000 companies from all 27 member states.

The findings of the surveys show that 82% of European Internet users have little trust in personal data management on the Internet and 64% of EU citizens are concerned about data protection issues feeling that the

PNR Data infringes human rights

Wed, 09 Apr 2008 19:20:40 +0100

(Dieser Artikel ist auch in deutscher Sprache verfügbar)

The German Working Group on Data Retention expanded its activities beyond the data retention issues, by publishing two applications to the European Court of Justice by the European Parliament contesting the transfer of PNR data to the US.

The documents explain why the collection of air passenger data in the US as well as a similar proposal by EU commissioner Franco Frattini are incompatible with the air travellers' fundamental rights. First, the blanket collection of all PNR data violates the basic right to privacy and protection of our personal data. The finality of the data retained is not precisely defined; a "blank cheque" is given to the authorities permitting an unforeseeable use of the data for other purposes. Also, sensitive data

Czechs became Trojan horses for new US visa waiver programme

Wed, 26 Mar 2008 21:02:56 +0000

(Dieser Artikel ist auch in deutscher Sprache verfügbar)

Czech Republic Interior Minister Ivan Langer and U.S. Homeland Security Secretary Michael Chertoff signed on 26 February 2008 in Washington D.C. the Memorandum of Understanding which is the first step in introducing new electronic visa programme for all EU countries.

In this Memorandum Czech authorities agreed to "passenger and other information sharing, screening information concerning known or suspected terrorists, information to combat terrorism and serious crime, and information on migration matters" with the US authorities and also promised to "allow for the further dissemination of transferred information within the United States Government". Czech Ministry of Interior agreed "to provide

High Level Contact Group talks about EU-US personal data issues

Wed, 12 Mar 2008 20:26:45 +0000

(Dieser Artikel ist auch in deutscher Sprache verfügbar)

According to a document revealed by Statewatch, the EU and US are negotiating the data protection principles for which common language has been developed. The Group has as purpose to draft a proposal that should deal with the personal data protection in any future EU-US agreements that will deal with this topic.

In November 2007 Paul Rosenzweig, Deputy Assistant Secretary for Policy at the US DHS said, on the EU requirement, that data could only be passed to third states whose laws passed the "adequacy" test guaranteeing equivalent rights:

"The EU should reconsider its decision to apply notions of adequacy to the critical area of law enforcement and public safety. Otherwise the EU runs

Biometric data from non-EU travellers

Wed, 13 Feb 2008 18:11:51 +0000

(Dieser Artikel ist auch in deutscher Sprache verfügbar)

A set of new measures including biometric data from non-EU travellers are being proposed these days by the European Commission (EC). The proposals, drafted by Franco Frattini, the European Commissioner for Justice, Freedom and Security, are being put forward by the EC, arguing that the cross-border policy has to be revised to face the new challenges related to terrorism, organised crime and illegal migration.

The package proposes the creation of an entry/exit register of non-European visitors to the EU bloc that will record the dates of entry and exit of each non-EU individual admitted to the Schengen visa-free area using biometric identifiers. In cases when a person's visa has expired, an alert can be

Main data protection concerns with the EU policy developments in 2007

Wed, 30 Jan 2008 20:31:39 +0000

(Dieser Artikel ist auch in deutscher Sprache verfügbar)

The Lisbon Treaty was signed in December 2007. Notwithstanding the many critics raised by this Treaty, the text, when ratified by all member States, will bring two major improvements to the EU and its citizens. First, the Charter of Fundamental Rights of the European Union will become part of the Community acquis, including its articles 7 (Respect for private and family life) and 8 (Protection of personal data). Secondly, the Treaty will allow the accession of the EU to the European Convention on Human Rights and, hence, will give EU citizens the possibility of being protected against abuses of their human rights by EU institutions. This improvement would be much welcome, especially - though not exclusively - considering the

Key privacy concerns in Czech Republik 2007

Wed, 30 Jan 2008 20:20:00 +0000

(Dieser Artikel ist auch in deutscher Sprache verfügbar)

Last year has seen an increased number attempts from government bodies to extend their powers and make it easier to access people's private information. To name a few, there were legal proposals to increase the number of agencies authorized to access and process electronic communication data collected by telecommunication companies under the Data Retention law, national DNA database enlargement, plans for various administrative database sharing, introduction of even more CCTV systems and the pressure on air travel operators to share records about their passengers. The introduction of biometric into travel documents data as a mean of identification and the use of contactless chip technologies

Recommended Action

Wed, 07 Nov 2007 18:27:27 +0000

(Dieser Artikel ist auch in deutscher Sprache verfügbar)

Privacy International in a coalition with over 50 other organisations from around the world, including EDRI, is in the process of appealing for the imminent implementation of the Immigration Control and Refugee Recognition Act by the Japan's Ministry of Justice. The act will make fingerprint and face-scan compulsory for Japan's visitors and foreign residents. The campaign will be launched later this week.

If any organisation wants to endorse this privacy campaign, please contact as soon as possible Gus Hosein - Privacy International - gus at privacy.org.

EC plans to profile all passengers in and out EU

Wed, 07 Nov 2007 18:17:58 +0000

(Dieser Artikel ist auch in deutscher Sprache verfügbar)

The European Commission(EC) put forward on 6 November 2007 a PNR plan that is almost similar to the EU-USA PNR (Passenger Name Records) agreement. The EU PNR plan is part of a new package of proposals "aimed at improving the EU's capabilities in the fight against terrorism."

According to this proposal, EU will have to collect 19 pieces of personal data on air passengers coming into and leaving the EU space, including phone number, e-mail address, travel agent, full itinerary, billing data and baggage information. The information will be collected in analysis units that will make a "risk assessment" of the traveller, which could lead to the questioning or even refusal of the entry. The data is to be kept for

US gains new advantages in the EU-USA PNR agreement

Wed, 12 Sep 2007 18:46:19 +0100

In some recently published documents, Statewatch revealed that very soon after the EU-USA agreement on PNR (passenger name record) was signed on 28 June 2007, the US government announced some changes in its Privacy Act that give exemptions from responding to request for personal information held to DHS (Department of Homeland Security) and ATS (Automated Targeting System). US Government also sent a written request to the Council of EU to agree on keeping secret all the documents on the negotiations for at least 10 years.

The declared purpose of the above-mentioned exemptions is for "national security, law enforcement, immigration and intelligence activities. These exemptions are needed to protect information relating to DHS investigatory and enforcement activities from disclosure to subjects or others related to

Czech government accepts the new PNR agreement with reservations

Wed, 01 Aug 2007 19:06:10 +0100

(Dieser Artikel ist auch in deutscher Sprache verfügbar)

On the 18 July 2007, the Czech government approved, with signficant reservations, the new PNR agreement prepared by the European Commission with the US Department for Homeland Security (DHS).

During the short period of consultations among the Czech authorities and politicians on the new agreement, the Czech Data Protection Authority stated that the current proposal deteriorated the level of protection of personal data. The Czech Data Protection Authority however did not clearly oppose the new agreement.

Following the EDRi-member Iuridicum Remedium lobbing activities, the Green Party MP Katerina Jacques took up the position of the privacy activists group and pushed for stricter and more binding assurances to protect data of

European Parliament adopts harsh resolution on the new PNR agreement

Wed, 18 Jul 2007 17:31:54 +0100

(Dieser Artikel ist auch in deutscher Sprache verfügbar)

On 10 July 2007 the members of the European Parliament (EP) adopted with an overwhelming majority, close to 90%, a Resolution that heavily criticizes the new PNR agreement struck by the European Commission with the US Department for Homeland Security (DHS), considering it "substantively flawed", in particular by "open and vague definitions and multiple possibilities for exception".

The EP considers that the new deal still fails to offer an adequate level of data protection and that it has been concluded without any involvement of parliaments from both sides, lacking democratic oversight. The resolution explains what are the main weak points of the agreement:

a. The handling, collection, use and storage of personal data from air

Final agreements between EU and USA on PNR and SWIFT

Wed, 04 Jul 2007 17:54:27 +0100

(Dieser Artikel ist auch in deutscher Sprache verfügbar)

After a long and difficult period of negotiations, on 28-29 June 2007, final agreements were reached between EU and USA on the data regarding European financial transactions operated by Belgian consortium SWIFT and on the passenger name records (PNR) issue respectively.

Regarding the access to financial data from SWIFT, the US has committed to use any data received from SWIFT exclusively for counter-terrorism purposes, the data retention period being of 5 years.

SWIFT is also bound to "adequately" protect the privacy of data according to EU principles as laid out in 2000 and further more, from now on, all banks using SWIFT will have to inform their customers about any transfers of their